In this section:

Overview

Test configurations define how DTP Engines test and analyze code, including which static analysis rules are enabled, which tests to run, and other analysis parameters.

C/C++test DTP Engine ships with built-in test configurations, but users can create and store their own test configurations in the DTP server. You can access the DTP server via the DTP plug-in. If you have administrator-level access in DTP Report Center, you can also create test configurations directly in DTP (administration> Engines> Test Configurations).

User-defined test configurations that are stored in DTP can be downloaded from the DTP server and stored in the [INSTALL_DIR]/configs/user directory as *.properties files.

Running a Test Configuration

You can specify which configuration will be run in one of the following ways:

Run cpptestcli with the -config switch and specify a built-in, user-defined or DTP-hosted test configuration:

-config "builtin://Recommended Rules"
-config "user://Foo Configuration"
-config "dtp://Foo Team Configuration" 
-config "dtp://FooTeamConfig.properties"

You can also provide a path or URL to the test configuration .properties file:

-config "C:\Devel\Configs\FooConfig.properties"
-config "http://foo.bar.com/configs/FoodConfig.properties"

For example, your command line may resemble the following:

cpptestcli -config "builtin://Recommended Rules" -compiler gcc_3_4 -input cpptest.bdf

In the .properties file, specify the default configuration that will be run when the -config option is not used:
cpptest.configuration=user://Configuration Name

Viewing Available Test Configurations

Use the -listconfigs switch to print the available test configurations.

Built-in Test Configurations

The following table includes the test configurations shipped in the [INSTALL]/configs/builtin directory.

Built-in Test Configuration	Description
Recommended Rules	The default configuration of recommended rules. Covers most Severity 1 and Severity 2 rules. Includes rules in the Flow Analysis Fast configuration.
Find Duplicated Code	Applies static code analysis rules that report duplicate code. Duplicate code may indicate poor application design and lead to maintainability issues.
Metrics	Computes values for several code metrics.
Flow Analysis	Detects complex runtime errors without requiring test cases or application execution. Defects detected include using uninitialized or invalid memory, null pointer dereferencing, array and buffer overflows, division by zero, memory and resource leaks, and dead code. This requires a special Flow Analysis license option.
Flow Analysis Aggressive	Includes rules for deep flow analysis of code. A significant amount of time may be required to run this configuration.
Flow Analysis Fast	Includes rules for shallow depth of flow analysis, which limits the number of potentially acceptable defects from being reported.
CERT C Coding Standard	Checks rules for the CERT C Secure Coding Standard. This standard provides guidelines for secure coding. The goal is to facilitate the development of safe, reliable, and secure systems by, for example, eliminating undefined behaviors that can lead to undefined program behaviors and exploitable vulnerabilities.
CRules	Checks rules that enforce C best practices.
Effective C++	Checks rules from Scott Meyers’ "Effective C++" book. These rules check the efficiency of C++ programs.
Effective STL	Checks rules from Scott Meyers’ "Effective STL" book.
GoogleTest	Analyzes Google Test unit test results.
HIS Source Code Metrics	Checks metrics required by the Herstellerinitiative Software (HIS) group.
ISO 26262 Recommended Rules	Checks rules recommended by the ISO 26262 standard.
Joint Strike Fighter	Checks rules that enforce the Joint Strike Fighter (JSF) program coding standards.
MISRA C	Checks rules that enforce the MISRA C coding standards.
MISRA C [2004, 2012]	Checks rules that enforce the MISRA C 2004 or 2012 coding standards.
MISRA C++ 2008	Checks rules that enforce the MISRA C++ 2008 coding standards.
Parasoft's Recommended FDA C++ Phase 1	Checks the core set of rules recommended for complying with the FDA General Principles for Software Validation.
Parasoft's Recommended FDA C++ Phase 2	Checks a broader set of rules recommended for complying with the FDA General Principles for Software Validation; recommended for organizations who have already implemented the phase 1 rule set.
Parasoft's Recommended FDA C++ Phase 3	Checks a broader set of rules recommended for complying with the FDA General Principles for Software Validation; recommended for organizations who have already implemented the phase 2 rule set.
Sutter-Alexandrescu	Checks rules based on the book "C++ Coding Standards," by Herb Sutter and Andrei Alexandrescu.
The Power of Ten	Checks rules based on Gerard J. Holzmann’s article "The Power of Ten - Rules for Developing Safety Critical Code." http://spinroot.com/gerard/pdf/Power_of_Ten.pdf
Parasoft’s Recommended Rules (Deprecated)	The default configuration of recommended rules. Covers most Severity 1 and Severity 2 rules. Includes rules in the Flow Analysis Fast configuration.
DISA-STIG Coding Standard	Includes rules that find issues identified in the DISA-STIG standard
CWE-SANS Top 25 Most Dangerous Programming Errors	Includes rules that find issues classified as Top 25 Most Dangerous Programming Errors of the CWE-SANS standard.
SAMATE Annex A Source Code Weaknesses	Includes rules that find issues identified in the NIST SAMATE standard
OWASP Top 10 Security Vulnerabilities	Includes rules that find issues identified in OWASP’s Top 10 standard
Payment Card Industry Data Security Standard	Includes rules that find issues identified in PCI Data Security Standard
SecurityRules	General test configuration that finds security issues
Coverage	Generates the code coverage report.

Creating Custom Rules

Use RuleWizard to create custom rules. To use the rule in the DTP Engine, it needs to be enabled in a test configuration and the custom rule file must be located in one of the following directories:

[INSTALL_DIR]\rules\user\
[DOCUMENTS DIR]\Parasoft\[engine]\rules where [DOCUMENTS DIR] refers to the "My Documents" directory in Windows.